I wonder if someone here did the hack.me "Hackme Launch" (https://hack.me/101052/vulnerable-webapp.html) too and managed to gain root access or revealed the administrator password. Per sql injection I could read out the database with all it's user entries. I haven't seen an admin account and i was not able to load the ".htaccess" file. Has anyone of you found a way and may give me a hint?

Thanks

Last edited by b4sh on Fri Jan 25, 2013 8:26 am, edited 1 time in total.